Skip to content

UsingWildcardDomains.md

Jump to bottom
Chris edited this page Jun 22, 2025 · 2 revisions

Using Wildcard Domains

DockFlare supports the use of wildcard hostnames (e.g., *.example.com) in your container labels. This allows you to route all traffic for any subdomain of a given domain to a specific service, which is especially useful for multi-tenant applications or as a "catch-all" router.

Labeling Strategy

You use the standard dockflare.hostname label but provide a wildcard hostname as the value.

Example docker-compose.yml

This example configures a wildcard route for *.apps.example.com pointing to a single backend service.

version: '3.8'

services:
  # Your DockFlare service definition...
  dockflare:
    # ... (Configuration from Quick Start) ...
    networks:
      - cloudflare-net

  # This service will handle all requests to *.apps.example.com
  wildcard-handler:
    image: traefik/whoami # An example service that can show what hostname it received
    container_name: wildcard-handler
    restart: unless-stopped
    networks:
      - cloudflare-net
    labels:
      # --- DockFlare Labels ---
      - "dockflare.enable=true"

      # Define the wildcard hostname. This will match anything.apps.example.com.
      - "dockflare.hostname=*.apps.example.com"

      # Define the single target service for all matching subdomains
      - "dockflare.service=http://wildcard-handler:80"

Explanation

  • dockflare.hostname="*.apps.example.com": This tells DockFlare to configure the Cloudflare Tunnel to route requests for any immediate subdomain of apps.example.com (e.g., test.apps.example.com, user1.apps.example.com, but not www.test.apps.example.com) to the specified service.
  • dockflare.service="http://wildcard-handler:80": All traffic matching the wildcard hostname will be forwarded to the wildcard-handler container.

Wildcards and Access Policies

You can apply an Access Policy to a wildcard rule just like any other rule. For example, adding the label dockflare.access.policy="authenticate" would require users to log in before accessing any of the subdomains covered by the wildcard.

Rule Precedence

Cloudflare Tunnels prioritize more specific rules over wildcards. This allows you to override the wildcard for specific subdomains. For example, if you have two containers:

  1. Container A (Wildcard): dockflare.hostname="*.example.com"
  2. Container B (Specific): dockflare.hostname="specific.example.com"
  • A request to specific.example.com will be routed to Container B.
  • A request to another.example.com will be caught by the wildcard and routed to Container A.

This makes wildcard routing a flexible and powerful tool for managing dynamic environments.

Clone this wiki locally